e40cc2f5b7a7a012b3aa74d82cc3465eb2bd0c768aa0c8d724f68c1c9981c5c5 | Triage

Submit
Reports

Overview

overview

Static

static

e40cc2f5b7...c5.exe

windows7-x64

e40cc2f5b7...c5.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

e40cc2f5b7a7a012b3aa74d82cc3465eb2bd0c768aa0c8d724f68c1c9981c5c5.exe

Resource

win7-20220812-en

persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

e40cc2f5b7a7a012b3aa74d82cc3465eb2bd0c768aa0c8d724f68c1c9981c5c5.exe

Resource

win10v2004-20220812-en

persistence spyware stealer upx

windows10-2004-x64

4 signatures

150 seconds

General

Target

e40cc2f5b7a7a012b3aa74d82cc3465eb2bd0c768aa0c8d724f68c1c9981c5c5
Size

170KB
MD5

10616e31f619863fa7cd61b7e9ce6560
SHA1

f860ff7f75436c9c1aa5899896aa2bf7d11d38a1
SHA256

e40cc2f5b7a7a012b3aa74d82cc3465eb2bd0c768aa0c8d724f68c1c9981c5c5
SHA512

17b1bdc9c67f147b3e4ab6c911393c44ad6de4ff71b86a31e8a9f0e84e4c0f6b6cb95e0ce4773ce01618adb5c01161565239f65a74880599da1e8c765a4ff820
SSDEEP

3072:yw7DUMpMDqy1AdHlfSYxPXVUdKcGerKXe0g4qnW/RFA1/KSwLMxuo:yaMOJdFKYRVJeWXe0uWXA1KL6uo

Score

N/A

Malware Config

Signatures

Files

e40cc2f5b7a7a012b3aa74d82cc3465eb2bd0c768aa0c8d724f68c1c9981c5c5
.exe windows x86

160ec8360a182b63c1d1a6bdd22d5980

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFilePointer
GlobalGetAtomNameA
WriteConsoleA
HeapSize
TlsGetValue
GetACP
MultiByteToWideChar
GetCPInfo
GetTimeFormatA
SetStdHandle
TlsAlloc
GetLocaleInfoA
GetConsoleOutputCP
EnumResourceNamesW
GetDateFormatA
CreateSemaphoreW
RtlUnwind
TlsSetValue
GetOEMCP
VirtualAlloc
IsValidCodePage
HeapReAlloc
RaiseException

user32

CharNextA
LoadStringA
DispatchMessageW
GetDesktopWindow
MessageBoxA
DispatchMessageA
PeekMessageA
wsprintfA

rpcrt4

RpcStringFreeA

shell32

SHGetSpecialFolderLocation
ShellExecuteExA
SHGetPathFromIDListA
SHAppBarMessage
SHBrowseForFolderA
SHGetFileInfoA
DragAcceptFiles
Shell_NotifyIconA

Sections

.text
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 86KB - Virtual size: 478KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy